IPv6 and IPv4 Dual Stack on a Branch Router Configuration Example

From DocWiki

Contents

Introduction

This document is intended to give customers a configuration example when they are planning or deployment IPv6 in their branch networks. This document is not meant to introduce you to branch design fundamentals and best practices, IPv6, transition mechanisms, or IPv4 and IPv6 feature comparisons. The user must be familiar with the Cisco branch design best practices recommendations and the basics of IPv6 and associated transition mechanisms. For information about the enterprise design architecture, refer to the following documents:

This document contents a dual stack ipv4/ipv6 single-tier branch profile. A single-tier dual stack ipv4/ipv6 single-tier branch profile is a fully integrated solution. The requirements for LAN and WAN connectivity and security are met by a single Integrated Services Router (ISR). WAN connectivity via an Ethernet links to an Internet Service Provider (ISP). This Ethernet is used as the primary link to the headquarters (HQ) site. For WAN redundancy, a backup connection is made via T1. IPv4 connectivity to the HQ site is provided by IPv4 IPSec using Dynamic Multi-Point Virtual Private Network (DMVPN) technologies. IPv6 connectivity to the HQ site is provided by using DMVPN v6 over v4. LAN connectivity is provided by an integrated switch module (EtherSwitch Service Module). Dual-stack (running both IPv4 TCP/IP stack and IPv6 TCP/IP stack) is used on the VLAN interfaces at the branch.

In addition to all of the security policies in place at the HQ, local security for both IPv4 and IPv6 is provided by a common set of infrastructure security features and configurations in addition to the use of the Cisco IOS Firewall. QoS for IPv4 and IPv6 is integrated into a single policy.